diff --git a/default_options.h b/default_options.h
index 8d04506..536f4e7 100644
--- a/default_options.h
+++ b/default_options.h
@@ -339,5 +339,6 @@ be overridden at runtime with -I. 0 disables idle timeouts */
 
 /* The default path. This will often get replaced by the shell */
 #define DEFAULT_PATH "/usr/bin:/bin"
+#define DEFAULT_ROOT_PATH "/usr/sbin:/usr/bin:/sbin:/bin"
 
 #endif /* DROPBEAR_DEFAULT_OPTIONS_H_ */
diff --git a/svr-chansession.c b/svr-chansession.c
index 35631e9..9ae2e60 100644
--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -1012,7 +1012,11 @@ static void execchild(const void *user_data) {
 	addnewvar("LOGNAME", ses.authstate.pw_name);
 	addnewvar("HOME", ses.authstate.pw_dir);
 	addnewvar("SHELL", get_user_shell());
-	addnewvar("PATH", DEFAULT_PATH);
+	if (getuid() == 0) {
+		addnewvar("PATH", DEFAULT_ROOT_PATH);
+	} else {
+		addnewvar("PATH", DEFAULT_PATH);
+	}
 	if (cp != NULL) {
 		addnewvar("LANG", cp);
 		m_free(cp);